{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:a8e47d09-4481-5193-bd17-876a6f9a5523", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2", "type": "library", "group": "org.springframework", "name": "spring-messaging", "version": "5.3.37-tuxcare.2", "purl": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:f3c2b40c-9478-52e2-a768-17b91cf39ea5", "id": "CVE-2016-1000027", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-1000027 affects version 5.3.37-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:d21716de-da00-5637-806d-e0f3c21a53fd", "id": "CVE-2024-38808", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38808 affects version 5.3.37-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:265f48bb-75a3-5c17-b509-0af309f6db28", "id": "CVE-2024-38809", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38809 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2e233794-bcb1-5d34-a8e9-386c121c4038", "id": "CVE-2024-38816", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38816 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c397c689-4a27-5af2-920d-bb913dc79225", "id": "CVE-2024-38819", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38819 affects version 5.3.37-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:88141ab7-4a77-5263-8a99-1245df37fd91", "id": "CVE-2024-38820", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-38820 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:64ae1605-d9e2-58da-815e-ba4ef8e1751f", "id": "CVE-2024-38828", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-38828 affects version 5.3.37-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:08433b79-47cd-5419-bcd4-3df132528e88", "id": "CVE-2025-22233", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-22233 affects version 5.3.37-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:810fab3c-5264-5f6f-8ddb-65f1f12dabb1", "id": "CVE-2025-41242", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41242 affects version 5.3.37-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45f026df-b1c9-5f23-b413-25ac470fa479", "id": "CVE-2025-41249", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-41249 is fixed in version 5.3.37-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:2faeaa84-6167-5707-a840-a2d7b83921de", "id": "CVE-2025-41254", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-41254 affects version 5.3.37-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:13d57583-62c9-5880-97d0-d29ead9091a7", "id": "CVE-2026-22735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22735 affects version 5.3.37-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:45c39658-5bec-5039-b05f-e196528888cd", "id": "CVE-2026-22737", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-22737 affects version 5.3.37-tuxcare.2 of org.springframework:spring-messaging." }, "affects": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.springframework/spring-messaging@5.3.37-tuxcare.2" } ] }